Thousands of Fortinet device login credentials were linked
Cybersecurity solutions provider Fortinet has confirmed that a cybercriminal has made public the SSL-VPN login credentials associated with at least 87.000 FortiGate SSL-VPN devices via the RAMP forum.
The compromised credentials were obtained by not having the devices updated against the CVE-2018-13379 vulnerability at the time it was being exploited.
The manufacture insists that those affected should update their systems and then reset their user passwords to fix the vulnerability.
References
-
09/09/2021thehackernews.com
-
10/09/2021gist.github.com
